Partial support for KEKRecipientInfo type.

c36e936b · Dr. Stephen Henson · 761ffa72 · c36e936b · c36e936b · c36e936b
7 changed file
--- a/crypto/cms/cms.h
+++ b/crypto/cms/cms.h
@@ -273,6 +273,7 @@ void ERR_load_CMS_strings(void);

 /* Function codes. */
 #define CMS_F_CHECK_CONTENT				 151
+#define CMS_F_CMS_ADD0_RECIPIENT_KEY			 157
 #define CMS_F_CMS_ADD1_RECIPIENT_CERT			 99
 #define CMS_F_CMS_ADD1_SIGNER				 100
 #define CMS_F_CMS_ADD1_SIGNINGTIME			 101
@@ -314,6 +315,7 @@ void ERR_load_CMS_strings(void);
 #define CMS_F_CMS_GET0_REVOCATION_CHOICES		 120
 #define CMS_F_CMS_GET0_SIGNED				 121
 #define CMS_F_CMS_RECIPIENTINFO_DECRYPT			 150
+#define CMS_F_CMS_RECIPIENTINFO_KEKRI_GET0_ID		 158
 #define CMS_F_CMS_RECIPIENTINFO_KTRI_CERT_CMP		 122
 #define CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT		 155
 #define CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_ALGS		 123
@@ -353,6 +355,7 @@ void ERR_load_CMS_strings(void);
 #define CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH	 112
 #define CMS_R_MESSAGEDIGEST_WRONG_LENGTH		 113
 #define CMS_R_NOT_ENCRYPTED_DATA			 143
+#define CMS_R_NOT_KEK					 152
 #define CMS_R_NOT_KEY_TRANSPORT				 114
 #define CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE		 115
 #define CMS_R_NO_CIPHER					 144
@@ -382,6 +385,7 @@ void ERR_load_CMS_strings(void);
 #define CMS_R_UNKNOWN_ID				 133
 #define CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM		 134
 #define CMS_R_UNSUPPORTED_CONTENT_TYPE			 135
+#define CMS_R_UNSUPPORTED_KEK_ALGORITHM			 153
 #define CMS_R_UNSUPPORTED_RECIPIENT_TYPE		 151
 #define CMS_R_UNSUPPORTED_TYPE				 136
 #define CMS_R_VERIFICATION_FAILURE			 137

--- a/crypto/cms/cms_env.c
+++ b/crypto/cms/cms_env.c
@@ -66,6 +66,8 @@
 DECLARE_ASN1_ITEM(CMS_EnvelopedData)
 DECLARE_ASN1_ITEM(CMS_RecipientInfo)
 DECLARE_ASN1_ITEM(CMS_KeyTransRecipientInfo)
+DECLARE_ASN1_ITEM(CMS_KEKRecipientInfo)
+DECLARE_ASN1_ITEM(CMS_OtherKeyAttribute)

 DECLARE_STACK_OF(CMS_RecipientInfo)

@@ -227,6 +229,137 @@ CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms,

 	}

+int CMS_RecipientInfo_kekri_get0_id(CMS_RecipientInfo *ri,
+					X509_ALGOR **palg,
+					ASN1_OCTET_STRING **pid,
+					ASN1_GENERALIZEDTIME **pdate,
+					ASN1_OBJECT **potherid,
+					ASN1_TYPE **pothertype)
+	{
+	CMS_KEKIdentifier *rkid;
+	if (ri->type != CMS_RECIPINFO_KEK)
+		{
+		CMSerr(CMS_F_CMS_RECIPIENTINFO_KEKRI_GET0_ID, CMS_R_NOT_KEK);
+		return 0;
+		}
+	rkid =  ri->d.kekri->kekid;
+	if (palg)
+		*palg = ri->d.kekri->keyEncryptionAlgorithm;
+	if (pid)
+		*pid = rkid->keyIdentifier;
+	if (pdate)
+		*pdate = rkid->date;
+	if (potherid)
+		{
+		if (rkid->other)
+			*potherid = rkid->other->keyAttrId;
+		else
+			*potherid = NULL;
+		}
+	if (pothertype)
+		{
+		if (rkid->other)
+			*pothertype = rkid->other->keyAttr;
+		else
+			*pothertype = NULL;
+		}
+	return 1;
+	}
+
+
+CMS_RecipientInfo *CMS_add0_recipient_key(CMS_ContentInfo *cms, int nid,
+					unsigned char *key, size_t keylen,
+					unsigned char *id, size_t idlen,
+					ASN1_GENERALIZEDTIME *date,
+					ASN1_OBJECT *otherTypeId,
+					ASN1_TYPE *otherType)
+	{
+	CMS_RecipientInfo *ri = NULL;
+	CMS_EnvelopedData *env;
+	CMS_KEKRecipientInfo *kekri;
+	size_t exp_keylen = 0;
+	env = cms_get0_enveloped(cms);
+	if (!env)
+		goto err;
+
+	/* For now hard code checks on nids */
+	switch (nid)
+		{
+		case NID_id_aes128_wrap:
+		exp_keylen = 16;
+		break;
+
+		case NID_id_aes192_wrap:
+		exp_keylen = 24;
+		break;
+
+		case NID_id_aes256_wrap:
+		exp_keylen = 32;
+		break;
+
+		default:
+		CMSerr(CMS_F_CMS_ADD0_RECIPIENT_KEY,
+				CMS_R_UNSUPPORTED_KEK_ALGORITHM);
+		goto err;
+		}
+
+	if (exp_keylen && (keylen != exp_keylen))
+		{
+		CMSerr(CMS_F_CMS_ADD0_RECIPIENT_KEY,
+				CMS_R_INVALID_KEY_LENGTH);
+		goto err;
+		}
+
+	/* Initialize recipient info */
+	ri = M_ASN1_new_of(CMS_RecipientInfo);
+	if (!ri)
+		goto merr;
+
+	ri->d.kekri = M_ASN1_new_of(CMS_KEKRecipientInfo);
+	if (!ri->d.kekri)
+		goto merr;
+	ri->type = CMS_RECIPINFO_KEK;
+
+	kekri = ri->d.kekri;
+
+	if (otherTypeId)
+		{
+		kekri->kekid->other = M_ASN1_new_of(CMS_OtherKeyAttribute);
+		if (kekri->kekid->other == NULL)
+			goto merr;
+		}
+
+	if (!sk_CMS_RecipientInfo_push(env->recipientInfos, ri))
+		goto merr;
+
+	/* After this point no calls can fail */
+
+	kekri->version = 4;
+
+	kekri->key = key;
+	kekri->keylen = keylen;
+
+	ASN1_STRING_set0(kekri->kekid->keyIdentifier, id, idlen);
+
+	kekri->kekid->date = date;
+
+	kekri->kekid->other->keyAttrId = otherTypeId;
+	kekri->kekid->other->keyAttr = otherType;
+
+	X509_ALGOR_set0(kekri->keyEncryptionAlgorithm,
+				OBJ_nid2obj(nid), V_ASN1_UNDEF, NULL);
+
+	return ri;
+
+	merr:
+	CMSerr(CMS_F_CMS_ADD0_RECIPIENT_KEY, ERR_R_MALLOC_FAILURE);
+	err:
+	if (ri)
+		M_ASN1_free_of(ri, CMS_RecipientInfo);
+	return NULL;
+
+	}
+
 int CMS_RecipientInfo_ktri_get0_algs(CMS_RecipientInfo *ri,
 					EVP_PKEY **pk, X509 **recip,
 					X509_ALGOR **palg)

--- a/crypto/cms/cms_err.c
+++ b/crypto/cms/cms_err.c
@@ -71,6 +71,7 @@
 static ERR_STRING_DATA CMS_str_functs[]=
 	{
 {ERR_FUNC(CMS_F_CHECK_CONTENT),	"CHECK_CONTENT"},
+{ERR_FUNC(CMS_F_CMS_ADD0_RECIPIENT_KEY),	"CMS_ADD0_RECIPIENT_KEY"},
 {ERR_FUNC(CMS_F_CMS_ADD1_RECIPIENT_CERT),	"CMS_add1_recipient_cert"},
 {ERR_FUNC(CMS_F_CMS_ADD1_SIGNER),	"CMS_add1_signer"},
 {ERR_FUNC(CMS_F_CMS_ADD1_SIGNINGTIME),	"CMS_ADD1_SIGNINGTIME"},
@@ -112,6 +113,7 @@ static ERR_STRING_DATA CMS_str_functs[]=
 {ERR_FUNC(CMS_F_CMS_GET0_REVOCATION_CHOICES),	"CMS_GET0_REVOCATION_CHOICES"},
 {ERR_FUNC(CMS_F_CMS_GET0_SIGNED),	"CMS_GET0_SIGNED"},
 {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_DECRYPT),	"CMS_RecipientInfo_decrypt"},
+{ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KEKRI_GET0_ID),	"CMS_RECIPIENTINFO_KEKRI_GET0_ID"},
 {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KTRI_CERT_CMP),	"CMS_RecipientInfo_ktri_cert_cmp"},
 {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT),	"CMS_RECIPIENTINFO_KTRI_ENCRYPT"},
 {ERR_FUNC(CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_ALGS),	"CMS_RecipientInfo_ktri_get0_algs"},
@@ -154,6 +156,7 @@ static ERR_STRING_DATA CMS_str_reasons[]=
 {ERR_REASON(CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH),"messagedigest attribute wrong length"},
 {ERR_REASON(CMS_R_MESSAGEDIGEST_WRONG_LENGTH),"messagedigest wrong length"},
 {ERR_REASON(CMS_R_NOT_ENCRYPTED_DATA)    ,"not encrypted data"},
+{ERR_REASON(CMS_R_NOT_KEK)               ,"not kek"},
 {ERR_REASON(CMS_R_NOT_KEY_TRANSPORT)     ,"not key transport"},
 {ERR_REASON(CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE),"not supported for this key type"},
 {ERR_REASON(CMS_R_NO_CIPHER)             ,"no cipher"},
@@ -183,6 +186,7 @@ static ERR_STRING_DATA CMS_str_reasons[]=
 {ERR_REASON(CMS_R_UNKNOWN_ID)            ,"unknown id"},
 {ERR_REASON(CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM),"unsupported compression algorithm"},
 {ERR_REASON(CMS_R_UNSUPPORTED_CONTENT_TYPE),"unsupported content type"},
+{ERR_REASON(CMS_R_UNSUPPORTED_KEK_ALGORITHM),"unsupported kek algorithm"},
 {ERR_REASON(CMS_R_UNSUPPORTED_RECIPIENT_TYPE),"unsupported recipient type"},
 {ERR_REASON(CMS_R_UNSUPPORTED_TYPE)      ,"unsupported type"},
 {ERR_REASON(CMS_R_VERIFICATION_FAILURE)  ,"verification failure"},

--- a/crypto/objects/obj_dat.h
+++ b/crypto/objects/obj_dat.h
@@ -62,12 +62,12 @@
 * [including the GNU Public Licence.]
 */

-#define NUM_NID 853
-#define NUM_SN 845
-#define NUM_LN 845
-#define NUM_OBJ 799
+#define NUM_NID 857
+#define NUM_SN 848
+#define NUM_LN 848
+#define NUM_OBJ 802

-static const unsigned char lvalues[5664]={
+static const unsigned char lvalues[5691]={
 0x00,                                        /* [  0] OBJ_undef */
 0x2A,0x86,0x48,0x86,0xF7,0x0D,               /* [  1] OBJ_rsadsi */
 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,          /* [  7] OBJ_pkcs */
@@ -866,7 +866,10 @@ static const unsigned char lvalues[5664]={
 0x2A,0x85,0x03,0x02,0x09,0x01,0x03,0x04,     /* [5630] OBJ_id_GostR3411_94_with_GostR3410_2001_cc */
 0x2A,0x85,0x03,0x02,0x09,0x01,0x08,0x01,     /* [5638] OBJ_id_GostR3410_2001_ParamSet_cc */
 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x09,/* [5646] OBJ_id_smime_ct_compressedData */
-0x2A,0x85,0x03,0x02,0x02,0x16,               /* [5657] OBJ_id_Gost28147_89_MAC */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x05,/* [5657] OBJ_id_aes128_wrap */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x19,/* [5666] OBJ_id_aes192_wrap */
+0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x01,0x2D,/* [5675] OBJ_id_aes256_wrap */
+0x2A,0x85,0x03,0x02,0x02,0x16,               /* [5684] OBJ_id_Gost28147_89_MAC */
 };

 static const ASN1_OBJECT nid_objs[NUM_NID]={
@@ -2240,8 +2243,15 @@ static const ASN1_OBJECT nid_objs[NUM_NID]={
 {"HMAC","hmac",NID_hmac,0,NULL,0},
 {"id-smime-ct-compressedData","id-smime-ct-compressedData",
 	NID_id_smime_ct_compressedData,11,&(lvalues[5646]),0},
-{"gost-mac","GOST 28147-89 MAC",NID_id_Gost28147_89_MAC,6,
+{NULL,NULL,NID_undef,0,NULL,0},
+{"id-aes128-wrap","id-aes128-wrap",NID_id_aes128_wrap,9,
 	&(lvalues[5657]),0},
+{"id-aes192-wrap","id-aes192-wrap",NID_id_aes192_wrap,9,
+	&(lvalues[5666]),0},
+{"id-aes256-wrap","id-aes256-wrap",NID_id_aes256_wrap,9,
+	&(lvalues[5675]),0},
+{"gost-mac","GOST 28147-89 MAC",NID_id_Gost28147_89_MAC,6,
+	&(lvalues[5684]),0},
 };

 static const unsigned int sn_objs[NUM_SN]={
@@ -2523,7 +2533,7 @@ static const unsigned int sn_objs[NUM_SN]={
 490,	/* "friendlyCountryName" */
 156,	/* "friendlyName" */
 509,	/* "generationQualifier" */
-852,	/* "gost-mac" */
+856,	/* "gost-mac" */
 806,	/* "gost2001" */
 846,	/* "gost2001cc" */
 808,	/* "gost89" */
@@ -2593,6 +2603,9 @@ static const unsigned int sn_objs[NUM_SN]={
 357,	/* "id-aca-group" */
 358,	/* "id-aca-role" */
 176,	/* "id-ad" */
+853,	/* "id-aes128-wrap" */
+854,	/* "id-aes192-wrap" */
+855,	/* "id-aes256-wrap" */
 262,	/* "id-alg" */
 323,	/* "id-alg-des40" */
 326,	/* "id-alg-dh-pop" */
@@ -3113,7 +3126,7 @@ static const unsigned int ln_objs[NUM_LN]={
 172,	/* "Extension Request" */
 808,	/* "GOST 28147-89" */
 844,	/* "GOST 28147-89 Cryptocom ParamSet" */
-852,	/* "GOST 28147-89 MAC" */
+856,	/* "GOST 28147-89 MAC" */
 846,	/* "GOST 34.10-2001 Cryptocom" */
 845,	/* "GOST 34.10-94 Cryptocom" */
 806,	/* "GOST R 34.10-2001" */
@@ -3436,6 +3449,9 @@ static const unsigned int ln_objs[NUM_LN]={
 357,	/* "id-aca-group" */
 358,	/* "id-aca-role" */
 176,	/* "id-ad" */
+853,	/* "id-aes128-wrap" */
+854,	/* "id-aes192-wrap" */
+855,	/* "id-aes256-wrap" */
 262,	/* "id-alg" */
 323,	/* "id-alg-des40" */
 326,	/* "id-alg-dh-pop" */
@@ -4221,7 +4237,7 @@ static const unsigned int obj_objs[NUM_OBJ]={
 806,	/* OBJ_id_GostR3410_2001            1 2 643 2 2 19 */
 807,	/* OBJ_id_GostR3410_94              1 2 643 2 2 20 */
 808,	/* OBJ_id_Gost28147_89              1 2 643 2 2 21 */
-852,	/* OBJ_id_Gost28147_89_MAC          1 2 643 2 2 22 */
+856,	/* OBJ_id_Gost28147_89_MAC          1 2 643 2 2 22 */
 811,	/* OBJ_id_GostR3411_94_prf          1 2 643 2 2 23 */
 812,	/* OBJ_id_GostR3410_2001DH          1 2 643 2 2 98 */
 813,	/* OBJ_id_GostR3410_94DH            1 2 643 2 2 99 */
@@ -4556,14 +4572,17 @@ static const unsigned int obj_objs[NUM_OBJ]={
 419,	/* OBJ_aes_128_cbc                  2 16 840 1 101 3 4 1 2 */
 420,	/* OBJ_aes_128_ofb128               2 16 840 1 101 3 4 1 3 */
 421,	/* OBJ_aes_128_cfb128               2 16 840 1 101 3 4 1 4 */
+853,	/* OBJ_id_aes128_wrap               2 16 840 1 101 3 4 1 5 */
 422,	/* OBJ_aes_192_ecb                  2 16 840 1 101 3 4 1 21 */
 423,	/* OBJ_aes_192_cbc                  2 16 840 1 101 3 4 1 22 */
 424,	/* OBJ_aes_192_ofb128               2 16 840 1 101 3 4 1 23 */
 425,	/* OBJ_aes_192_cfb128               2 16 840 1 101 3 4 1 24 */
+854,	/* OBJ_id_aes192_wrap               2 16 840 1 101 3 4 1 25 */
 426,	/* OBJ_aes_256_ecb                  2 16 840 1 101 3 4 1 41 */
 427,	/* OBJ_aes_256_cbc                  2 16 840 1 101 3 4 1 42 */
 428,	/* OBJ_aes_256_ofb128               2 16 840 1 101 3 4 1 43 */
 429,	/* OBJ_aes_256_cfb128               2 16 840 1 101 3 4 1 44 */
+855,	/* OBJ_id_aes256_wrap               2 16 840 1 101 3 4 1 45 */
 672,	/* OBJ_sha256                       2 16 840 1 101 3 4 2 1 */
 673,	/* OBJ_sha384                       2 16 840 1 101 3 4 2 2 */
 674,	/* OBJ_sha512                       2 16 840 1 101 3 4 2 3 */

--- a/crypto/objects/obj_mac.h
+++ b/crypto/objects/obj_mac.h
@@ -2508,6 +2508,18 @@
 #define LN_des_ede3_cfb8		"des-ede3-cfb8"
 #define NID_des_ede3_cfb8		659

+#define SN_id_aes128_wrap		"id-aes128-wrap"
+#define NID_id_aes128_wrap		853
+#define OBJ_id_aes128_wrap		OBJ_aes,5L
+
+#define SN_id_aes192_wrap		"id-aes192-wrap"
+#define NID_id_aes192_wrap		854
+#define OBJ_id_aes192_wrap		OBJ_aes,25L
+
+#define SN_id_aes256_wrap		"id-aes256-wrap"
+#define NID_id_aes256_wrap		855
+#define OBJ_id_aes256_wrap		OBJ_aes,45L
+
 #define OBJ_nist_hashalgs		OBJ_nistAlgorithms,2L

 #define SN_sha256		"SHA256"
@@ -3457,7 +3469,7 @@

 #define SN_id_Gost28147_89_MAC					"gost-mac"
 #define LN_id_Gost28147_89_MAC					"GOST 28147-89 MAC"
-#define NID_id_Gost28147_89_MAC					852
+#define NID_id_Gost28147_89_MAC					856
 #define OBJ_id_Gost28147_89_MAC					OBJ_cryptopro,22L

 #define SN_id_GostR3411_94_prf		"prf-gostr3411-94"

--- a/crypto/objects/obj_mac.num
+++ b/crypto/objects/obj_mac.num
@@ -849,4 +849,8 @@ id_GostR3411_94_with_GostR3410_2001_cc		848
 id_GostR3410_2001_ParamSet_cc		849
 hmac		850
 id_smime_ct_compressedData		851
-id_Gost28147_89_MAC					852
+id_Gost28147_89_MAC		852
+id_aes128_wrap		853
+id_aes192_wrap		854
+id_aes256_wrap		855
+id_Gost28147_89_MAC					856
--- a/crypto/objects/objects.txt
+++ b/crypto/objects/objects.txt
@@ -835,6 +835,10 @@ aes 44			: AES-256-CFB		: aes-256-cfb
 			: DES-EDE3-CFB1		: des-ede3-cfb1
 			: DES-EDE3-CFB8		: des-ede3-cfb8

+aes 5			: id-aes128-wrap 
+aes 25			: id-aes192-wrap 
+aes 45			: id-aes256-wrap 
+
 # OIDs for SHA224, SHA256, SHA385 and SHA512, according to x9.84.
 !Alias nist_hashalgs nistAlgorithms 2
 nist_hashalgs 1		: SHA256		: sha256